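/// <summary>
/// Returns the associate record identified by <paramref name="id"/>.
/// Callers that are not in the admin role may only read their own record.
/// </summary>
/// <param name="id">Associate identifier, bound from the query string.</param>
/// <returns>
/// 200 with the record; 401 when the caller's identity cannot be resolved to a
/// numeric id or the caller may not read the requested record; 404 when the
/// service returns no record.
/// </returns>
public IActionResult GetById([FromQuery] int id)
        {
            // The caller's id is read from the identity name. A missing or non-numeric
            // name is refused here instead of surfacing as an unhandled parse
            // exception (HTTP 500) before the access check runs.
            if (!int.TryParse(User?.Identity?.Name, out var currentUserId))
            {
                return Unauthorized();
            }

            // Only admins may access other users' records.
            // NOTE(review): for an authenticated caller, 403 (Forbid()) describes this
            // case more accurately than 401. Unauthorized() is kept so that existing
            // clients see the same status code.
            var isOwnRecord = id == currentUserId;
            if (!isOwnRecord && !User.IsInRole(Role.Admin))
            {
                return Unauthorized();
            }

            var associate = Service.GetAssociateById(id);
            if (associate == null)
            {
                return NotFound();
            }

            return Ok(associate);
        }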
Example #2
 /// <summary>
 /// Shows the edit view for the associate identified by <paramref name="id"/>.
 /// </summary>
 /// <param name="id">Associate identifier taken from the request; may be absent.</param>
 /// <returns>The "BadRequest" view when no id is supplied, otherwise the view bound to the loaded model.</returns>
 public ActionResult Edit(int? id)
 {
     // Guard clause: without an id there is nothing to load.
     if (!id.HasValue)
     {
         return View("BadRequest");
     }

     // NOTE(review): no ownership or role check on the requested id is visible in this
     // method. Confirm that access is restricted by an attribute or filter declared
     // outside this listing.
     // NOTE(review): the result of GetAssociateById is passed on without a null check.
     // Verify how the service reports an unknown id.
     // Exceptions from the service or from CreateSummaryOfIds propagate to the caller unchanged.
     AssociateViewModel model = _associateService.GetAssociateById(id.Value);
     CreateSummaryOfIds(model);
     return View(model);
 }